polito.it
Politecnico di Torino (logo)

Side-channel leakage assessment methodology applied to Post Quantum Cryptography algorithm

Lorenzo Cecchetti

Side-channel leakage assessment methodology applied to Post Quantum Cryptography algorithm.

Rel. Maurizio Martina, Guido Masera. Politecnico di Torino, Corso di laurea magistrale in Ingegneria Elettronica (Electronic Engineering), 2022

[img]
Preview
PDF (Tesi_di_laurea) - Tesi
Licenza: Creative Commons Attribution Non-commercial No Derivatives.

Download (2MB) | Preview
Abstract:

This work describes a methodology that could be integrated as an additional step into the ASIC design-flow for the development of cryptographic devices. The proposed methodology aims at testing the hardness of an ASIC architecture against Power Analysis Attacks (PAA) by executing the attack using power traces obtained from simulations. The tools used to retrieve them have been QuestaSim and PrimeTime and the process has been fully automated due to the large number of simulations needed. The target architecture has been a vector by circulant matrix multiplier which is frequently used in hardware implementations of Post Quantum Cryptography (PQC) decoding and encoding algorithms. The executed PAA attack is a Correlation Power Analysis (CPA) attack which successfully recovered the entire secret key, thus proving the side-channel leakage of the multiplier architecture. After, a study has been conducted to discover the minimum working frequency of the architecture that makes the attack successful and the value found is 400kHz. To validate the results obtained from simulations, the same CPA attack has been executed on an FPGA implementation of the multiplier. The VirtLab board developed by the Politecnico di Torino has been used for this purpose since it can contain both the measuring equipment and the device under test. The maximum sampling frequency reachable on the oscilloscope emulated by the board has been 500 kSa/s thus limiting the working frequency of the multiplier to 250 kHz in order to collect two samples for each clock cycle. As expected, the attack has not recovered the secret key since the reached working frequency has been lower than the threshold found from simulations.

Relatori: Maurizio Martina, Guido Masera
Anno accademico: 2021/22
Tipo di pubblicazione: Elettronica
Numero di pagine: 70
Soggetti:
Corso di laurea: Corso di laurea magistrale in Ingegneria Elettronica (Electronic Engineering)
Classe di laurea: Nuovo ordinamento > Laurea magistrale > LM-29 - INGEGNERIA ELETTRONICA
Aziende collaboratrici: NON SPECIFICATO
URI: http://webthesis.biblio.polito.it/id/eprint/23436
Modifica (riservato agli operatori) Modifica (riservato agli operatori)